From: Ralph Boehme <slow@samba.org>
Date: Mon, 11 Jan 2021 15:15:15 +0000 (+0100)
Subject: winbind: move "winbind:ignore domain" logic to a seperate function
X-Git-Tag: samba-4.12.12~30
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3c47cdc1d3fe5a03879bec7f2892a393e3b0211;p=thirdparty%2Fsamba.git

winbind: move "winbind:ignore domain" logic to a seperate function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14602

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 894caca79476d25a0268d89b2ad8a5758b7e31f3)
---

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 5d5da28bbb5..921b92830c2 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -319,6 +319,7 @@ struct passwd *Get_Pwnam_alloc(TALLOC_CTX *mem_ctx, const char *user);
 /* The following definitions come from lib/util_names.c  */
 const char *get_global_sam_name(void);
 const char *my_sam_name(void);
+bool is_allowed_domain(const char *domain_name);
 
 /* The following definitions come from lib/util.c  */
 
diff --git a/source3/lib/util_names.c b/source3/lib/util_names.c
index dc5c530346c..efef88f4f7b 100644
--- a/source3/lib/util_names.c
+++ b/source3/lib/util_names.c
@@ -185,3 +185,23 @@ const char *my_sam_name(void)
 
 	return lp_workgroup();
 }
+
+bool is_allowed_domain(const char *domain_name)
+{
+	const char **ignored_domains = NULL;
+	const char **dom = NULL;
+
+	ignored_domains = lp_parm_string_list(-1,
+					      "winbind",
+					      "ignore domains",
+					      NULL);
+
+	for (dom = ignored_domains; dom != NULL && *dom != NULL; dom++) {
+		if (gen_fnmatch(*dom, domain_name) == 0) {
+			DBG_NOTICE("Ignoring domain '%s'\n", domain_name);
+			return false;
+		}
+	}
+
+	return true;
+}
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index c2f02b74211..bec706f87de 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -123,8 +123,6 @@ static NTSTATUS add_trusted_domain(const char *domain_name,
 				   struct winbindd_domain **_d)
 {
 	struct winbindd_domain *domain = NULL;
-	const char **ignored_domains = NULL;
-	const char **dom = NULL;
 	int role = lp_server_role();
 	struct dom_sid_buf buf;
 
@@ -133,12 +131,8 @@ static NTSTATUS add_trusted_domain(const char *domain_name,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL);
-	for (dom=ignored_domains; dom && *dom; dom++) {
-		if (gen_fnmatch(*dom, domain_name) == 0) {
-			DEBUG(2,("Ignoring domain '%s'\n", domain_name));
-			return NT_STATUS_NO_SUCH_DOMAIN;
-		}
+	if (!is_allowed_domain(domain_name)) {
+		return NT_STATUS_NO_SUCH_DOMAIN;
 	}
 
 	/*